Lucene search
+L

167 matches found

Cvelist
Cvelist
added 2019/07/23 10:31 p.m.25 views

CVE-2019-2844

Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: LDAP Client Tools. The supported version that is affected is 11.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

8.6AI score0.00424EPSS
Exploits0References1
CVE
CVE
added 2019/07/23 10:31 p.m.56 views

CVE-2019-2844

CVE-2019-2844 affects the LDAP Client Tools subcomponent of Oracle Solaris 11.4. The vulnerability is described as easily exploitable, permitting a low-privileged attacker with logon to the Solaris host to compromise the system, with potential impact on confidentiality, integrity, and availabilit...

8.8CVSS8.4AI score0.00424EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2019/07/19 12:0 a.m.5 views

Oracle Solaris Component Access Control Error Vulnerability (CNVD-2019-28101)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is one of the computer operating system components. A security vulnerability exists in the LDAP Client Tools subcomponent of the Solaris component of the Oracle Sun Systems Products Suit...

8.8CVSS6.7AI score0.00424EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/07/17 12:0 a.m.29 views

Oracle Solaris Critical Patch Update : jul2019_SRU11_4_11_4_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite component: Open Fabrics Tools. The supported version that is affected is 11.4. Difficult to exploit vulnerability allows...

8.8CVSS7.2AI score0.00424EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/08/20 10:51 a.m.5 views

postgresql: Uncontrolled search path element in pg_dump and other client applications

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database...

8.8CVSS7.3AI score0.14142EPSS
Exploits1References5
Prion
Prion
added 2018/06/14 9:29 p.m.12 views

Privilege escalation

On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools aka pe-client-tools 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation...

6.8CVSS7.7AI score0.00847EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/14 9:29 p.m.2 views

CVE-2018-6516

On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools aka pe-client-tools 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation...

7.8CVSS6AI score0.00847EPSS
Exploits0References1
CVE
CVE
added 2018/06/14 9:0 p.m.43 views

CVE-2018-6516

CVE-2018-6516 affects Puppet Enterprise client tools on Windows. A specially crafted configuration file could cause the PE client tools (pe-client-tools) 16.4.x before 16.4.6, 17.3.x before 17.3.6, and 18.1.x before 18.1.2 to load arbitrary code with privilege escalation. Connected sources confir...

7.8CVSS7.7AI score0.00847EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/04/12 3:29 p.m.23 views

CVE-2015-1777

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

5.9CVSS5.6AI score0.01259EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2018/04/12 3:29 p.m.19 views

CVE-2015-1777

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

5.9CVSS6.3AI score0.01259EPSS
Exploits0References1
Prion
Prion
added 2018/04/12 3:29 p.m.13 views

Code injection

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

4.3CVSS7AI score0.01259EPSS
Exploits0References3
CVE
CVE
added 2018/04/12 3:0 p.m.51 views

CVE-2015-1777

CVE-2015-1777 affects rhnreg_ks in Red Hat Network Client Tools (rhn-client-tools) on Red Hat Gluster Storage 2.1 and RHEL 5, 6, 7. The component fails to properly validate hostnames in X.509 certificates from SSL servers, enabling a remote MITM that can prevent system registration. Root cause: h...

5.9CVSS5.6AI score0.01259EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/12 3:0 p.m.23 views

CVE-2015-1777

rhnregks in Red Hat Network Client Tools aka rhn-client-tools on Red Hat Gluster Storage 2.1 and Enterprise Linux RHEL 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle atta...

5.6AI score0.01259EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/05/23 12:0 a.m.26 views

SUSE SLES11 Security Update : SUSE Manager Client Tools (SUSE-SU-2017:1347-1)

The following security issue in spacewalk-backend has been fixed : - Non admin or disabled user cannot make changes to a system anymore using spacewalk-channel. bsc1026633, CVE-2017-7470 The update package also includes non-security fixes. See advisory for details. Note that Tenable Network...

9.8CVSS7.4AI score0.02145EPSS
Exploits0References12
OSV
OSV
added 2017/01/17 9:8 a.m.9 views

SUSE-RU-2017:0174-1 Recommended update for SUSE Manager Client Tools

This update fixes the following issues: osad: - Fix logfile option for osa-dispatcher. bsc980752 salt: - Update to 2015.8.12 - Add pre-require to salt for minions. - Do not restart salt-minion in salt package. - Add try-restart to sys-v init scripts. - Add 'Restart=on-failure' for salt-minion...

9.1CVSS9.2AI score0.02581EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2016/05/23 12:0 a.m.22 views

SUSE SLES11 Security Update : SUSE Manager Client Tools (SUSE-SU-2016:1366-1)

This update for SUSE Manager Client Tools provides the following fixes and enhancements : rhnlib : - Use TLSv1METHOD in SSL Context bsc970989 suseRegisterInfo : - Fix file permissions bsc970550 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE...

5.5AI score
Exploits0References3
OSV
OSV
added 2016/05/19 8:37 p.m.2 views

SUSE-SU-2016:1366-1 Recommended udpate for SUSE Manager Client Tools

This update for SUSE Manager Client Tools provides the following fixes and enhancements: rhnlib: - Use TLSv1METHOD in SSL Context bsc970989 suseRegisterInfo: - Fix file permissions bsc970550...

7.2AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/03/28 10:14 p.m.46 views

Important: Red Hat Security Advisory: Red Hat Storage 2.0 security, bug fix, and enhancement update #4

Updated Red Hat Storage 2.0 packages that fix multiple security issues, several bugs, and add enhancements are now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed...

9.8CVSS7.5AI score0.06518EPSS
Exploits0References14
Fedora
Fedora
added 2012/12/26 4:56 a.m.33 views

[SECURITY] Fedora 16 Update: squid-3.2.5-1.fc16

Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DN...

5CVSS8.2AI score0.23005EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.20 views

Scientific Linux Security Update : rhn-client-tools on SL5.x i386/x86_64

It was discovered that rhn-client-tools set insecure permissions on the loginAuth.pkl file, used to store session credentials for authenticating connections to servers. A local, unprivileged user could use these credentials to download packages they wouldn't normally have permission to download...

3.6CVSS5.5AI score0.00384EPSS
Exploits0References2
Rows per page
Query Builder